Azure Linux 3.0 Security Update: kernel (CVE-2025-21887)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21887 advisory. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by...

Azure Linux 3.0 Security Update: containerd / containerd2 / moby-containerd / moby-containerd-cc (CVE-2024-40635)

The version of containerd / containerd2 / moby-containerd / moby-containerd-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40635 advisory. - containerd is an open-source container runtime. A b...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21917)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21917 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21963)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21963 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while...

Mageia: Security Advisory (MGASA-2025-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 4.0: Linux PHSA-2025-4.0-0790

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0790. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:1438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1438-1 advisory. - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 -...

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2025:1433-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1433-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:1434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1434-1 advisory. - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries...

SUSE SLES15 Security Update : redis (SUSE-SU-2025:1419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1419-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block directly from t...

CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2025-119-02)

The version of mozilla-thunderbird installed on the remote host is prior to 128.10.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-119-02 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues...

DSA-5907-1 linux - security update

Bulletin has no description...

Azure Linux 3.0 Security Update: libsoup (CVE-2025-32913)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32913 advisory. - A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a...

CBL Mariner 2.0 Security Update: giflib (CVE-2025-31344)

The version of giflib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-31344 advisory. - Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with...

Azure Linux 3.0 Security Update: qemu (CVE-2023-6683)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6683 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The...

CVE-2024-12863 Stored XSS in Discussions functionality

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

RHEL 8 : kernel (RHSA-2025:3832)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3832 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Fix out of bounds read...

Azure Linux 3.0 Security Update: ruby (CVE-2025-27220)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27220 advisory. - In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service ReDoS vulnerability exists in the...

Azure Linux 3.0 Security Update: edk2 / hvloader / openssl (CVE-2024-4741)

The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers May cause memory to be...